
Feature #5402

want monitor datalink

Added by Josef Sipek almost 6 years ago.

Status: New
Priority: Low
Assignee: -
Category: networking
Start date: 2014-12-06
Due date:
% Done: 0%
Estimated time:
Difficulty: Hard
Tags: needs-triage
Gerrit CR:
Description

Fancy network switches allow one to designate a port as a "monitoring" port. This port will then get a copy of all packets (depends on exact config) for network analysis tools to inspect.

It would be nice to be able to create a "vnic" that acts as a bridge as far as inbound packets are concerned, and as a black hole as far as outbound packets are concerned. In other words, say we do:

# dladm create-vnic -l e1000g0 net0
# dladm create-vnic -l e1000g0 net1
# dladm create-monitor -l e1000g0 mon0

Then, we pass the mon0 link to a zone/kvm/whatever. Any packet that is sent or received via e1000g0 will get sent to mon0 as well. Any packet originating from mon0 is simply dropped.

This will allow monitoring software to have access to all the packets without a risk of them accidentally sending packets of their own. (Perhaps the ro/rw nature of the interface could be toggled via a linkprop.)
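The following is an added toy model of the semantics requested above; it is not illumos or dladm code, and the link names, the MAC-like labels (net0, net1, peer) and the frame payloads are constructed for the example. It shows the two properties the request asks for: mon0 receives a copy of every frame that crosses e1000g0 in either direction, and anything a tool on mon0 tries to transmit never reaches the wire (the attempt is only counted, which is the sort of thing a defender would want to see in a stat).

```python
"""Toy model of a read-only monitor link on a physical NIC (added example, not illumos code).

Rules modelled, following the feature request:
  * a frame sent from a vnic goes out on the wire and is copied to every monitor
  * a frame arriving on the physical link is delivered to the vnic it is addressed to
    and copied to every monitor (addressed to a local vnic or not)
  * a frame sent from a monitor is dropped and counted; it never reaches the wire
"""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass(frozen=True)
class Frame:
    src: str       # constructed labels standing in for MAC addresses
    dst: str
    payload: bytes


@dataclass
class PhysLink:
    name: str
    vnics: Dict[str, List[Frame]] = field(default_factory=dict)     # vnic -> frames delivered
    monitors: Dict[str, List[Frame]] = field(default_factory=dict)  # monitor -> frames mirrored
    wire: List[Frame] = field(default_factory=list)                 # frames actually transmitted
    dropped: Dict[str, int] = field(default_factory=dict)           # monitor -> tx attempts dropped

    def create_vnic(self, name: str) -> None:
        self.vnics[name] = []

    def create_monitor(self, name: str) -> None:
        self.monitors[name] = []
        self.dropped[name] = 0

    def _mirror(self, frame: Frame) -> None:
        for mirrored in self.monitors.values():
            mirrored.append(frame)

    def send(self, link: str, frame: Frame) -> bool:
        """Transmit from the named vnic or monitor; True if the frame reached the wire."""
        if link in self.monitors:
            # Black hole for outbound traffic: the frame is discarded, only the attempt is counted.
            self.dropped[link] += 1
            return False
        if link not in self.vnics:
            raise KeyError(f"no such link: {link}")
        self.wire.append(frame)
        self._mirror(frame)     # outbound traffic is visible to the monitor too
        return True

    def receive(self, frame: Frame) -> bool:
        """A frame arrives from the wire; True if some local vnic accepted it."""
        self._mirror(frame)     # monitors see everything that arrives on the physical link
        inbox = self.vnics.get(frame.dst)
        if inbox is None:
            return False
        inbox.append(frame)
        return True


def demo() -> dict:
    """Walk through the scenario from the request and report what each side saw."""
    link = PhysLink("e1000g0")
    link.create_vnic("net0")
    link.create_vnic("net1")
    link.create_monitor("mon0")

    link.send("net0", Frame("net0", "peer", b"hello"))        # outbound from a zone on net0
    link.receive(Frame("peer", "net1", b"reply"))             # inbound for net1
    link.receive(Frame("peer", "net9", b"stray"))             # inbound, no local vnic matches
    leaked = link.send("mon0", Frame("mon0", "peer", b"oops"))  # monitoring tool tries to talk

    return {
        "wire": [f.payload for f in link.wire],
        "mon0": [f.payload for f in link.monitors["mon0"]],
        "net1": [f.payload for f in link.vnics["net1"]],
        "mon0_dropped": link.dropped["mon0"],
        "leaked": leaked,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The drop counter is the piece worth keeping if something like this were built: a monitoring zone that keeps trying to transmit is either misconfigured or compromised, and a per-link counter of discarded frames makes that visible without ever letting the traffic out.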
